Here’s a quick one…
A developer was using AJAXControlToolkit in an application. Not a big deal. Except that it kept throwing that damn exception. You know the one:
Server Error in ” Application.
Security Exception
Description: The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact your system administrator or change the application’s trust level in the configuration file.
Exception Details: System.Security.SecurityException: Request for the permission of type ‘System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089′ failed.
I know what you’re going to say, but I prefer to not use caspol.exe to set the trust.
There were several other sites on the server using the toolkit that worked fine, without using caspol to set full trust.
The difference? Those other applications were compiling the AJAX DLL when the apps themselves were compiled. The developer in this case had just copied the DLL from the toolkit download and added the reference to her code.
I copied the DLL from one of the sites that I knew worked, and it magically started working. Copy her version of the DLL back, and it failed again (after IISReset).
I don’t really know how this happened, but if the DLL was referenced in the VS project, it should have been built with the rest of the app and then deployed with full trust…
So, if you’re running into this and you’re building the code yourself, make sure that the AjaxControlToolkit.dll is building with the rest of your application (the timestamp should be the same) as the other DLLs that were modified. Don’t just drop it in afterwards…it won’t work…
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=fdd8051e-f9fd-4550-9c8d-cd308ab24e44)
You mentioned setting the trust using caspol.exe. How do I go about doing that? And if I’m working off of a shared drive on a server, do I need to do that on the IIS machine or on my local machine? (IIS machine would seem to be the logical answer)
I had the same problem. I gave rights (read) to the IIS User in the BIN directory where the AJAXControlToolkit.dl is located. Is working now. I also did the “caspol -m -ag 1. -url “file://\\myshare\bin\AJAXControlToolkit.dl” FullTrust” fron the windows\Microsoft.net\Framework64\V2.0.50727 (My Server is 64 Bits and I am running Windows 2008 64 bits server with .net 3.5) but I do not think this solved the problem it was only until I gave rights to the users I set up to run the web site in ISS that started working.
This is a more generic solution for the same problem:
Right-click on the .dll causing the problem (or all of them if you don’t know) and check for the following security message: “This file came from another computer and might be blocked to help protect this computer.” If present, click “Unblock”, “Apply” and “OK”.
I found that I needed to do this for several of the source files within my Solution before rebuilding/republishing. These were AjaxControlToolkit.ddl and UrlRewritingNet.UrlRewriter.dll in my case. Just to be on the safe side I also cleared the Temporary ASP.NET Files folder and ran iisreset.
It’s taken me all afternoon to figure this out so thanks to Tom for pointing me in the right direction!
I have found that another solution to this problem is to deploy your web application with a web setup program instead of using a copy deployment.
Good call. We generally do copy deployments because it doesn’t require me giving app owners rights to the servers, but I’m sure I could modify our build/deployment process to deploy the app via installer without giving them rights.
Exception Details: System.Security.SecurityException: Request for the permission of type ‘System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089′ failed.
IIS 7 Pipeline mode: Integrated
Right-click AjaxControlToolkit.dll click ‘Unblock’
Simons ‘unblock’ solution worked for me, however the problem was occouring while running on the local IIS rather than a shared drive/hosting environment and only began when my dev machine was upgraded from Win7 32bit to Win7 64bit.
This worked for me after unblocking:
Run as Administrator:
cmd -> iisrestart
Windows 7 is so secure that I can’t even use it. Urgh, this is frustrating.
Windows 7 is killing me with security problems. Can get and local sites working on my local IIS.
Keeps giving security messages. I have opened up and shared folder to the whole world. Not sure what else I have to turn off to make it actually function so I can develop sites again.
What is the secret in windows 7 to actually let me use the computer ???